General
-
Target
4a54677c5f20159f74c46a4dc990c69f_JaffaCakes118
-
Size
491KB
-
Sample
240331-cjtrdscd72
-
MD5
4a54677c5f20159f74c46a4dc990c69f
-
SHA1
b879afb455ca927b6acca59b38f77a2188857ed1
-
SHA256
d2aa010515bc8390084659013a1fd1e3e476e36ce46293281deb95c4469663f9
-
SHA512
990405692fbf867bd799d92e52b1378b2d7128c45ec0f6e53367830dbd811f5c33c42c1fefe5b5f4a34cab2d68be9aeffb6252da1557f6efdac142c74b151b60
-
SSDEEP
12288:gfSBNPdJaQmuRFuh9VAP1ZViSMlqj5hbwCeHggTGatOXExn/5fK:RBtSQm0M0vVAqj5RQHgWGcsEFk
Static task
static1
Behavioral task
behavioral1
Sample
4a54677c5f20159f74c46a4dc990c69f_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Extracted
xloader
2.5
b5ce
advellerd.xyz
giasuvina.com
arab-xt-pro.com
ahsltu2ua4.com
trasportesemmanuel.com
kissimmeesoccercup.com
studyengland.com
m2volleyballclub.com
shyuehuan.com
elsml.com
blog-x-history.top
coditeu.com
allattachments.net
vigautruc.com
mentication.com
zambiaedu.xyz
filadelfiacenter.com
avlaborsourceinc.info
tameka-stewart.com
studio-cleo.com
cruisebookingsonlineukweb.com
bajajfinservmutualfund.com
bipxtech.cloud
glottogon.com
villamante.com
lvfrm.xyz
bhadanamedia.digital
austindemolitioncontractor.com
nutritionhawks.com
vcmalihx.top
busybstickerco.com
lianshangtron.com
tenncreative.com
charmfulland.com
zuridesire.com
vliegenmetplezier.com
khlopok.club
tovardarom.xyz
atmospheraglobal.com
lakeefctmich.com
novasaude-g1.online
joymort.com
allexceptionalcapital.com
balicoffeeuniversal.com
netjyjin26.net
arpdomestic.com
ozglobetips.online
zeogg.club
josiemaran-supernatural.com
sieuthinhapkhau.store
healthonline.store
coiincrypt.com
fofija.com
yshowmedia.com
enhancedcr.com
tous-des-cons.club
holeinthewallbus.com
okssl.net
gutenstocks.com
thelindleyfamily.com
apexpropertiesltd.com
powerhousetepusa.com
urbanopportunities.com
comarch.tech
rheilea.com
Targets
-
-
Target
4a54677c5f20159f74c46a4dc990c69f_JaffaCakes118
-
Size
491KB
-
MD5
4a54677c5f20159f74c46a4dc990c69f
-
SHA1
b879afb455ca927b6acca59b38f77a2188857ed1
-
SHA256
d2aa010515bc8390084659013a1fd1e3e476e36ce46293281deb95c4469663f9
-
SHA512
990405692fbf867bd799d92e52b1378b2d7128c45ec0f6e53367830dbd811f5c33c42c1fefe5b5f4a34cab2d68be9aeffb6252da1557f6efdac142c74b151b60
-
SSDEEP
12288:gfSBNPdJaQmuRFuh9VAP1ZViSMlqj5hbwCeHggTGatOXExn/5fK:RBtSQm0M0vVAqj5RQHgWGcsEFk
-
Xloader payload
-
Suspicious use of SetThreadContext
-